Category Archives: Security

HttpModule basics

The a HTTP module is used when you need to intercept and examine the incoming HTTP requests before or after the page life cycle. The HTTPModule provides events where you can plug into to examine or alter the request or  response within the asp.net cycle. HTTPModule are the perfect place the apply security checks.

Removing the X-Asp.Net version header

HTTP headers leak technical information to potential attackers about a system. To harden the security of an application you need to disclose as little information about a system as possible. In this post I will show to remove the Asp.net version from HTTP server header responses.

Complex password validation

Complex password validation Our team had to build a  regular expression for a client to password validation and it had the following requirements. Below is the expression for anyone that needs anything like this. Hopefully I safe someone some time.